Supplier Privacy Policy

Pursuant to Art. 13 of Regulation (EU) 2016/679 (General Data Protection Regulation), we inform you that the personal data you freely provide as a Supplier (if the Supplier is a natural person or sole proprietor, otherwise the personal data of the directors and/or contact persons of the Supplier, if a legal person / Consultant / Professional) will be processed by Arcadia Srl, mainly by computer, for the following purposes: management of the relationship, fulfilment of accounting and tax obligations, scheduling of activities, management of disputes, performance of obligations arising from contractual relationships or for the performance of pre-contractual activities. The legal basis for the processing is the performance of a contract to which the Data Subject is party or of pre-contractual measures taken at the Data Subject’s request or a legal obligation (Art. 6(1)(b) and (c) GDPR). The provision of data is voluntary. However, failure to provide such data will not allow our Company to fulfil your request. We also inform you that the data you have freely provided will be disclosed to third parties. By this, we mean third parties authorised to process the data, insofar as they are entrusted with carrying out or providing specific services strictly functional to the execution of the contractual relationship (also through continuous processing). This includes banks and credit institutions; professionals, external debt collection companies and companies to audit your financial statements; providers of technological services, all in compliance with the legal provisions on data security. These subjects have been appointed as Data Processors pursuant to Article 28 GDPR, and the list is available upon request to the Data Controller. Under no circumstances will your data be divulged. Your data will not be communicated outside the EU, but should this be necessary, the Company will obtain the necessary guarantees for Data recipients located outside the EU to ensure that the data is transferred in compliance with the requirements of Chapter V of the GDPR. Data will be retained in full for the entire period of the contract’s performance; thereafter, the Data will be retained for ten years to comply with legal obligations, including the obligations set out in Article 2220 of the Italian Civil Code. Any further storage of data or part thereof may be ordered to assert or defend your rights in any possible forum, especially in the courts. Finally, pursuant to Art. 15 et seq. of Regulation (EU) 2016/679, we remind you that for further information or specific requests (deletion, blocking, updating, rectification, integration of data or opposition to processing) you may contact the Data Controller, by writing to ARCADIA Srl (P.IVA: 06710600963), with registered office at Corso Buenos Aires 54 - 20124 Milan (MI) Italy, Operating Office Via Achille Grandi 5/9 61034 Fossombrone (PU) Italy - or by sending an email to privacy@dondup.com. If each Party considers that the processing of the personal data provided violates the provisions of the Regulation, it has the right to lodge a complaint with the Data Protection Authority, as provided for by Article 77 of the Regulation itself, or to take legal action (Article 79 of the Regulation).